The Present and Future of Bots in Software Engineering

We are witnessing a massive adoption of software engineering bots, applications that react to events triggered by tools and messages posted by users and run automated tasks in response, in a variety of domains. This thematic issues describes experiences and challenges with these bots.

READ FULL TEXT VIEW PDF
06/19/2022

The Framework For The Discipline Of Software Engineering in Connection to Information Technology Discipline

This paper represents preliminary work in identifying the foundation for...
03/01/2021

Investigating the potential impact of values on requirements and software engineering

This paper describes an investigation into value-based software engineer...
03/23/2022

Continuous Software Engineering in the Wild

Software is becoming a critical component of most products and organizat...
04/28/2021

Multi-Objective Reconstruction Of Software Architecture

Design erosion is a persistent problem within the software engineering d...
02/05/2021

Towards Modal Software Engineering

In this paper we introduce the notion of Modal Software Engineering: aut...
07/13/2021

Promises and Perils of Inferring Personality on GitHub

Personality plays a pivotal role in our understanding of human actions a...
05/09/2019

A Road to Bio-inspired Software Engineering

Software production research is quickly evolving on two parallel approac...

Overview of papers in this special issue

Zimmerman et al., in their paper “Extending the team with a project-specific bot,” report their experience developing and maintaining a custom bot named Coq bot, which was built to support the Coq team (circa 40 developers and hundreds of contributors). The bot was initially developed to automate the synchronization between pull requests opened on a GitHub repository and branches on a GitLab mirror. Based on user feedback, the bot evolved to execute other tasks, including merging a pull request, keeping track of pull requests with merge conflicts, and backporting pull requests. The authors note that relying on familiar technology and straightforward and extensible architecture choices can ease the maintenance of a bot by facilitating the onboarding of new bot maintainers.

The adoption and characterization of bots in open-source projects is the topic of the article “From Specialized Mechanics to Project Butlers: the Usage of Bots in Open Source Development” by Wang and Redmiles. In this article, the authors sampled the top 1000 most popular (using the number of stars as a popularity metric) software development repositories on GitHub and studied whether the project employed software bots and, if so, what types of tasks those bots were helping with. As part of their conclusions, they highlight that over 60% of open-source projects do use bots, even though these bots often focus on automating simple tasks. The authors note that these bots are typically rule-based reacting to certain events they have subscribed to and show very limited interactive capabilities.

Cogo and Hassan focus in their article “Understanding the Customization of Dependency Bots: The Case of Dependabot” on a popular bot used on GitHub named Dependabot. This bot is used for checking and updating dependencies to libraries used in a project. The authors analyzed almost 500 projects that use Dependabot and have corresponding configuration files. The authors conclude that customizing a bot’s behavior can help in reducing noise but might also limit the bot’s usefulness as certain features might stop working. Therefore, designers of bots should be careful in considering the trade-off between allowing bot users to configure the bot and the interaction with features that the bot offers. In general, configurations should be as simple as possible since bot users interact with many different bots and, therefore, are not able to spend significant effort on maintaining their configurations. Cogo and Hassan even suggest that there could be sharing platforms for distributing tailored configuration files for certain project characteristics.

Markusse et al. study the use of benchmarking bots in their paper titled “Using Benchmarking Bots for Continuous Performance Assessment”. The authors show that bots are rarely used to continuously benchmark performance but that the situation is changing with the newly introduced GitHub Actions. Based on their findings, the authors encourage developers of performance-sensitive projects to consider adopting bot-based benchmarking. Specifically, adopting such bots can help with performance testing, the detection of performance regressions, and providing confidence to maintainers about complex changes.

Golzadeh et al. make a call for better bot identification techniques in their paper entitled “Recognizing bot activity in Collaborative Software Development”. The authors show that bots are among the most active accounts in open-source GitHub projects, yet they are rarely well identified. This large-spread presence of bots can impact certain analysis techniques that give credit based on activity. Hence, the authors argue that although current manual techniques tend to be the best option for maintainers, future work should examine the use of machine learning and artificial intelligence to detect bot activity.

Future challenges

The growth in popularity and contribution of bots is undeniable. The number of libraries, platforms, and reusable bots keeps mounting up. Nevertheless, to fully unleash the potential of bots in software engineering, we would like to draw attention to several technical and socioeconomic open challenges.

Regarding technical challenges, we need better systems to facilitate the coordination and collaboration of bots in the same project, as right now, each bot behaves in an independent way, and they can have conflicting actions. This challenge requires defining bot-specific coordination and integration policies.

Quality evaluation of bots is another key area. Mainly when bots include conversational capabilities, bot testing implies redefining many of the classical testing concepts as we need to test the behavioral part of the bot, the conversational component, and the combination of the two [RiccioJSHWT20, CabotBCDPR21].

Finally, security and privacy also pose relevant challenges. As we must be able to trust the bots we add to our projects, we need techniques that assure that bots will not perform malicious activities, leak data and request the bare minimum permissions.

Beyond technical aspects, we need to better understand users’ perception of bots and how to optimize human-bot collaboration. Bots will need to get better communication and cognitive skills. For instance, when interacting with users, bots should be able to show empathy and react differently depending on the result of the sentiment analysis of the conversation they are having so far. Another example would be that the learn and mimic the specific idiosyncrasy of a project (including its vocabulary and natural language use) to increase their chances of being accepted. At the same time, bots could help in promoting social diversity in the project. As an example, they could identify and better support contributions from community minorities in the project. Finally, they should be able to explain their behavior to improve their trustworthiness.

The economic impact of bots in a project also deserves special attention. We do not have good economic models to evaluate the return-on-investment (ROI) of adopting a certain bot. If we could estimate the value of a bot for a project, it would be much easier to have rational discussions with project owners considering the cost-benefit analysis of integrating it. Even if some bots are released as open-source software, this doesn’t mean there is no cost to adopt them. For example, developers often disregard the cost of learning how to use a bot properly.

So far, we have mostly discussed the impact of bots on software engineering. But as bots are software components themselves, bot development could and should benefit from well-grounded software engineering practices. What the best practices are for this specific type of software component remains to be seen. For example, it is still unclear how bots, especially collaborative and cognitive bots, will be tested. Bots are becoming smarter, and we know that the creation of smart software applications poses a specific set of additional challenges [Ozkaya20c]. We hope the community can benefit from this special issue’s papers and keep working on innovating in this increasingly important field.

References